2. "Planning Tool for Resource Integration,
Synchronization, and Management," and is
a "data tool" designed to collect and
process "foreign intelligence" that passes
through American servers. Details about its
existence were leaked to The Washington
Post and The Guardian by Edward Snowden,
a 29-year-old NSA contractor.
What is PRISM?
3. , "PRISM [is] a kick-ass GUI that allows an
analyst to look at, collate, monitor, and cross-
check different data types provided to the
NSA from Internet companies located inside
the United States.“
What is PRISM? (continuation)
4. The first is to emphasize the necessity of the secret
monitoring program. A spokesman
for the U.S. government and other senior officials have
repeatedly defended the
program and tried to claim that the project has helped
the National Security Agency to
detect and foil dozens of terrorist plots. U.S. President
Obama himself has personally
insisted that the project serves only as a counter-
terrorist measure to ensure the safety
of Americans, and he has stated that he is ready to expl
ain the program to European leaders at the G8 summit.
What has the Prism program taught
us?
5. The second is to convince both its domestic and its intern
ational audience of thereasonable goals of the Prism prog
ram. The government has cited the Patriot Act tojustify it
s legitimacy, and has asserted that protective measures w
ere in place toprevent monitored data from being abused
. It has tried to distinguish the Prism secretsurveillance pr
oject from so-
called "Chinese cyber attacks", claiming that there is nore
semblance between the two. According to the US accoun
t the purpose of the formeris "to monitor and track peopl
e who want to do evil", while the latter equates to "China
stealing commercial and military secrets”.
What has the Prism program taught
us?
6. The third is an intention to eventually extradite
Snowden and bring him back to America
to stand trial. In the eyes of American officials,
Snowden’s disclosures concerning the
confidential Prism program represent a serious
breach of American law. The U.S. Has
not yet cited the judiciary assistance agreemen
t with Hong Kong as a means to
extradite Snowden. But it has been busy makin
g its preparations to this end in terms of
both public opinion and legal grounds.
What has the Prism program taught
us?
7. PRISM "cannot be used to intentionally
target any U.S. citizen (PDF), or any other
U.S. person, or to intentionally target any
person known to be in the United States,
according to a statement released by
Director Clapper on June 8.
It only targets foreigners?
8. A huge amount of foreign internet traffic is
routed through or saved on U.S. servers. For
instance, a majority of Facebook and Google
users are not from the United States.
Why would there be foreign
intelligence on American servers?
9. The key word is intentional. The NSA can't
intentionally target an Americans data. But
analysts need only be at least 51 percent
confident of a target's "foreignness."
So how does this affect an
American's data?
10. Microsoft, Yahoo, AOL, Facebook, Google, Apple,
PalTalk, YouTube, and Skype. Dropbox is allegedly
"coming soon." However, 98 percent of PRISM
production is based on just Yahoo, Google, and
Microsoft.
All nine of them have explicitly denied that the
government has "direct access" to their servers.
Reliable sources have confirmed to CNET that
PRISM works on a request-by-request basis, rather
than unfettered access, as was originally reported
by the Washington Post. Here is a direct quote
from our in-depth article on this issue:
Which companies are involved?
11. It's not entirely clear, but according to the New York Times, in at least
two cases the companies discussed creating secure digital dropboxes
where information sought by the NSA could be electronically
deposited. Facebook reportedly actually built such a system.
On Tuesday, June 11, Google published a letter to the Justice
Department, asking for permission to disclose the mechanism by
which FISA requests are completed. A Facebook spokesperson joined
the call, announcing that Facebook would "welcome the opportunity
to provide a transparency report that allows us to share with those
who use Facebook around the world a complete picture of the
government requests we receive, and how we respond." After writing
the letter to the Justice Department, Google discussed with Wired
Magazine the ways it gets legal information to the government,
insisting throughout that reports of "direct access" to Google servers
have been erroneous. Jump to our How does it work? section for
more details.
How?
12. That's a very good question that at first no one was able to
answer.
It now appears as though the answer is: Twitter simply said no.
Companies are legally obligated to comply with any legitimate
government request for user data, but they are under no legal
obligation to make that process easier. Twitter
apparently refused to join the other nine in steam rolling the
process.
On Friday, June 7, the New York Times wrote:
Twitter declined to make it easier for the government. But
other companies were more compliant, according to people
briefed on the negotiations. They opened discussions with
national security officials about developing technical methods
to more efficiently and securely share the personal data of
foreign users in response to lawful government requests. And
in some cases, they changed their computer systems to do so.
Why isn't Twitter a part of
PRISM?
13. According to "slides and other supporting materials" given to
the The Guardian and The Washington Post by Snowden: "e-
mail, chat, videos, photos, stored data, VoIP, file transfers,
video conferencing, notifications of target activity...log-ins, etc.,
online social networking details" -- so, everything.
For instance, Google data includes "Gmail, voice and video
chat, Google Drive files, photo libraries, and live surveillance of
search terms."
The original report suggests that "NSA reporting increasingly
relies on PRISM" as its leading source of raw material,
accounting for nearly one in seven intelligence reports.
A reliable source tells CNET that both the contents of
communications and metadata, such as information about
who's talking to whom, can be requested.
What type of data is monitored?
14. Yes, under Section 702 of the Foreign Intelligence Surveillance
Act (FISA) of 2008 and the Protect America Act of 2007.
Director of National Intelligence James Clapper released a
statement Thursday night saying that "Section 702 is a
provision of FISA that is designed to facilitate the acquisition of
foreign intelligence information concerning non-U.S. persons
located outside the United States. It cannot be used to
intentionally target any U.S. citizen, any other U.S. person, or
anyone located within the United States." FISA was renewed
last year by Congress.
According to the Post, "Late last year, when critics in Congress
sought changes in the FISA Amendments Act, the only
lawmakers who knew about PRISM were bound by oaths of
office to hold their tongues." When the story broke, Ron
Wyden (D-Ore.) and Mark Udall (D-Colo.) released a letter they
cowrote to the Justice Department expressing their concerns
relating to the program.
Is it even legal?